Export limit exceeded: 47205 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47205 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-1113 2 Maian, Menalto 2 Gallery, Gallery 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the administration subsystem in Gallery 2 before 2.3.2 and 3 before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-5225 1 Eliteweaver 1 Xclick Cart 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in webscr.php in xClick Cart 1.0.1 and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the shopping_url parameter.
CVE-2012-5177 2 Welcart, Wordpress 2 Welcart Plugin, Wordpress 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Welcart plugin before 1.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-3531 1 Typo3 1 Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Install Tool in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3457 1 Getsymphony 1 Symphony 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.0.7 and 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) fields[website] parameter in the post comments feature in articles/a-primer-to-symphony-2s-default-theme/ or (2) send-email[recipient] parameter to about/. NOTE: some of these details are obtained from third party information.
CVE-2013-0667 1 Siemens 1 Wincc Tia Portal 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2013-0668 1 Siemens 1 Wincc Tia Portal 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2012-1188 1 Fork-cms 1 Fork Cms 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) type or (2) querystring parameters to private/en/error or (3) name parameter to private/en/locale/index.
CVE-2013-6010 2 Wearegumball, Wordpress 2 Comment-attachment, Wordpress 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Comment Attachment plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "Attachment field title."
CVE-2012-1190 1 Phpmyadmin 1 Phpmyadmin 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name.
CVE-2013-0703 1 Big 1 Imgboard 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in imgboard.com imgboard before 1.22R6.1 u and 20xx before 2010u allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3177 2 Mozilla, Redhat 3 Firefox, Seamonkey, Enterprise Linux 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server.
CVE-2013-6005 1 Cybozu 1 Dezie 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Cybozu Dezie before 8.1.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Cancel button.
CVE-2013-0708 1 Bayashi 1 Dopvcomet\* 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in dopvCOMET* 0009b allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display of the access log.
CVE-2013-0709 1 Bayashi 1 Dopvstar\* 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in dopvSTAR* 0091 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display of the access log.
CVE-2013-3375 1 Cisco 1 Prime Central For Hosted Collaboration Solution 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the portal page in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCue23798.
CVE-2013-5996 1 Lockon 1 Ec-cube 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in shopping/payment.tpl components in LOCKON EC-CUBE 2.11.0 through 2.13.0 allow remote attackers to inject arbitrary web script or HTML via crafted values.
CVE-2012-2889 2 Apple, Google 2 Iphone Os, Chrome 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors involving frames, aka "Universal XSS (UXSS)."
CVE-2012-4004 1 Fenrir-inc 1 Sleipnir Mobile 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allows remote attackers to inject arbitrary web script or HTML via a crafted application that interacts with an unspecified Sleipnir Mobile function.
CVE-2012-5169 1 Atutor 1 Acontent 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in file_manager/preview_top.php in ATutor AContent before 1.2-2 allow remote attackers to inject arbitrary web script or HTML via the (1) pathext, (2) popup, (3) framed, or (4) file parameter.